CVE-2018-0469 – Cisco IOS XE Software Web UI Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0469
A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker could exploit this vulnerability by sending specific HTTP requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. • http://www.securityfocus.com/bid/105423 http://www.securitytracker.com/id/1041737 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webuidos • CWE-415: Double Free •
CVE-2018-15377 – Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability
https://notcve.org/view.php?id=CVE-2018-15377
A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by sending invalid data to the Cisco Network Plug and Play agent on an affected device. A successful exploit could allow the attacker to cause a memory leak on the affected device, which could cause the device to reload. Una vulnerabilidad en el agente Cisco Network Plug and Play también llamado agente Cisco Open Plug-n-Play, de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante remoto no autenticado provoque una fuga de memoria en un dispositivo afectado. • https://ics-cert.us-cert.gov/advisories/ICSA-19-094-02 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-pnp-memleak • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2018-15373 – Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15373
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition. Una vulnerabilidad en la implementación de la funcionalidad Cisco Discovery Protocol en Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante adyacente sin autenticar agote la memoria de un dispositivo afectado, provocando una denegación de servicio (DoS) en consecuencia. • http://www.securityfocus.com/bid/105413 https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-dos • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2018-15376 – Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-15376
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An attacker could exploit this vulnerability by using these commands on an affected device. A successful exploit could allow the attacker to write arbitrary values to arbitrary locations in the memory space of the affected device. Una vulnerabilidad en el subsistema de pruebas embebido de Cisco IOS Software para routers Cisco 800 Series Industrial Integrated Services podría permitir que un atacante local autenticado escriba valores arbitrarios en ubicaciones arbitrarias en el espacio de memoria de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ir800-memwrite • CWE-123: Write-what-where Condition •
CVE-2018-0475 – Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0475
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation when handling Cluster Management Protocol (CMP) messages. An attacker could exploit this vulnerability by sending a malicious CMP message to an affected device. A successful exploit could allow the attacker to cause the switch to crash and reload or to hang, resulting in a DoS condition. If the switch hangs it will not reboot automatically, and it will need to be power cycled manually to recover. • http://www.securityfocus.com/bid/105404 http://www.securitytracker.com/id/1041737 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cmp • CWE-20: Improper Input Validation •